Automation Process- For all the extraordinary technology that is going into the development of self-driving cars, I find it fascinating that their success may most depend on something that is not really technical at all: the moment the ordinary driver feels comfortable enough to switch the vehicle into self-driving mode for the first time. Cybersecurity professional teams should consider what it takes to inspire that confidence, as well as maintain and even increase it over regular use.
Because as artificial intelligence and automation become both more common and more necessary, isn’t that what we are asking CISOs and their teams to do? We are saying, “Take your hands off the wheel. Take your eyes off the road, and entrust everything to this technology.” Is it any wonder security leaders feel cautious?
Thankfully, that sense of caution is one of the best foundations on which to build a successful and reliable automation capability. That’s because automation requires a serious measure of confidence to bring maximum benefits to organizations. Developing that confidence is a process, and a careful and consistent one at that.
If fact, everything about successful automation is a process. The more CISOs and their teams understand that, the more they will benefit from it. Without that knowledge, it is easy to not only be unprepared for the increasingly automated threat landscape but, in fact, overconfident and over-automated in ways that will not make a network safer. This becomes timely to think about when considering some of the dramatic security operations challenges organizations have faced in recent weeks with scaling remote work.
The first step to build that confidence is to understand the process that went into building the artificial neural network (ANN) that powers the automation.
An ANN is a system of hardware or software designed to pattern the operation of neurons in the brain. Achieving this is a massive undertaking involving hundreds of security professionals inputting millions of data points over the course of years. It is an extensive process of supervised, unsupervised and reinforcement learning that enables it to efficiently identify and respond to the billions of security events that occur every day.